1. Field of the Invention
The present invention relates to the field of secure computing and more particularly to computer-human differentiation in secure computing.
2. Description of the Related Art
The advent of network computing and the global Internet has provided vast new opportunities for information sharing not previously possible. The global Internet in particular provides a vehicle through which unimaginable volumes of content can be shared with the public without regard to the geographic distance separating content publisher from content consumer. Notwithstanding, the availability of the widespread dissemination of content over the global Internet is not without consequence. In this regard, the use of the global Internet to distribute content often relies upon the good faith of content consumers that all will consume content on a fair and equal basis. Automated logic, however, can skew content consumption in favor of automated mechanisms at the expense of human consumers.
Specifically, bot technology permits rapid and repeated access to content at a pace orders of magnitude greater than a human end-user. In consequence, malicious agents can defeat the intent of content publishers publishing content intended for consumption by human end-users at a pace expected only of a human end user. The net result can include the over consumption of resources of the content provider and the unauthorized mining of content for purposes not authorized by the content provider.
To defeat the operation of bot technology accessing content intended for direct human consumption, various forms of reverse Turing tests have been contrived including tailored challenge-response tests. “CAPTCHA” is one such well-known challenge-response test in which the content publisher (or its proxy) challenges an end-user to state text rendered in a distorted manner within an image. Presumably, an automated process cannot recognize the text due to its distortion. Yet, a human end user can adequately recognize the text and respond in kin in a minimally burdensome manner. Thus, CAPTCHA aids in differentiating a computer response from a human response.
CAPTCHA technologies such as that described in U.S. Patent Application Publication US 2007/0124595 by Carter et al. (Carter) for METHOD, SYSTEM AND COMPUTER PROGRAM PRODUCT FOR ACCESS CONTROL, provide for the advanced ability of dynamically selecting CAPTHCA images for display during an access control process to add a layer of complexity in the CAPTCHA process. For example, as described in Carter, an image for CAPTCHA can be generated according to provided meta-data—namely image attributes—such as a gender of an image of a person, or a dimensionality of a shape. Using the meta-data, the CAPTCHA image can be produced and used during the access control process.
Of note, alternatives to CAPTCHA include prompting end users to engage in manually interactive processes such as drawing with a pointing device about a designated region of a display screen or display element. A well-known alternative common to the financial services industry includes presenting to an end user a series of pictures that are to be selected in accordance with an associated keyword. In all circumstances, however, a reasonable probability remains that an automated bot can correctly “guess” a response to a challenge to defeat the intent of the challenge-response exercise. Even still, to reduce the probability of a correct guess to a challenge-response exercise can frustrate the end user with an overly complicated process.